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A data management method for managing 



devices coupled to the storage system, the methoi i comprising a step of: 

selectively servicing, at the storage system, a request from one of the at least two devices 
for access to a portion of data stored at the storage system responsive to configuration data 



indicating that the one of the at least two devices 



MS 



access to a storage system by at least two 



is authorized to access the portion of data. 



2. The data management method according to claim 1, where the storage system is arranged 
to store a plurality of volumes of data, and wherein the configuration data is stored in the storage 
system in a configuration table comprising a plvirality of records, each of the records including an 
identifier and information indicating which of the volumes of data are available to a device 
associated with the corresponding identifier, and wherein the step of selectively servicing further 
includes steps of: 

receiving the request at the storage system issued by the one of the at least two devices, 
the request including a source identifier identifying the one of at the at least two devices that 
initiated the request and an address to one of the volumes of the plurality of volumes in the 
storage system; and 

determining whether to service the request responsive to a portion of the configuration 
data associated with the source identifier and the address of the one of the volumes. 



3. The data management method according 
least two devices are coupled together by a netv^^ork. 

forwarding the request from the one of lihe 
the network. 



to claim 1 , wherein the storage system and the at 
, the method including a step of: 
at least two devices to the storage system over 



4. The data management method according to claim 3, wherein the step of forwarding 
includes forwarding the request using a Fibre Channel protocol. 



5. The data management method according to claim 2, further comprising a step of: 
authenticating the request received at the storage system to verify that the device 
identified in the source identifier is the one of the at least two devices that issued the request. 
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6. The data management method according to claim 5, wherein the step of authenticating 
further comprises a step of comparing an expected identifier associated with the request against 
an authenticating identifier received with the request to determine whether the expected identifier 
and authenticating identifier match. 

5 

7, The data management method according to claim 6, wherein the authenticating identifier 
is encrypted using a key associated with the one of the at least two devices that issued the 
request. 

10 8- The data management method according to claim 7, wherein the step of authenticating 
further comprises a step of: 

decrypting a portion of the request at the storage system using a key associated with the 
one of the at least two devices that issued the request. 

15 9. The data management method according to claim 1, wherein the one of the at least two 
devices is a host processor, and wherein the step of forwarding includes the step of forwarding 
the request fi-om the host processor to the storage system. 

10. The data management method according to claim 1, wherein at least one of the at least 
20 two devices is a file server and wherein the step of forwarding includes the step of forwarding 

the request from the file server to the storage system. 

1 1 . The data management method according to claim 1 , wherein the storage system includes 
a plurality of disk drives, and wherein the step of selectively servicing includes the step of 

25 forwarding the request to one of the plurality of disk drives. 

12. The data management method according to claim 1, further comprising a step of: 
validating the request from the one of the at least two devices at the storage system to 

verify that the request was not altered during transit. 

30 
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13. The data management method according to claim 2, wherein the configuration table 
comprises a plurality of records arranged in an array including a plurality of rows corresponding 
to a number of volumes of data available at the storage system and a plurality of columns 
corresponding to a number of ports available at the storage system, and wherein each of the 
records includes a bitmap having a bit corresponding to each device authorized to access each of 
the corresponding ports, and wherein the step of determining whether to service the request 
comprises steps of: 

indexing the configuration database using the address provided in the request to identify 
an indexed record; and 

comparing the bitmap of the indexed record with the source identifier to determine 
whether a bit of the bitmap associated with the source identifier indicates that the one of the at 
least two devices associated with the source identifier has access to the volume of the storage 
system associated with the indexed record. 

14. The data management method according to claim 1, wherein the step of selectively 
servicing further comprises steps of: 

servicing a first request issued by a first one of the at least two devices for access to a first 
portion of data in the storage system responsive to configuration data associated with the first 
one of the at least two devices and an address of the first portion of data specified the first 
request; and 

precluding a second request issued by a second one of the at least two devices for access 
to the first portion of data in the storage system fi*om being serviced responsive to configuration 
data associated with the second one of the at least two devices and the address of the first portion 
of data specified in the second request. 

15. A computer readable medium co mprising : 

a first data structure to manage accesses by a plurality of devices to volumes of data at a 
storage system, the first data structure c ^mprising a plurality of records corresponding to the 
plurality of devices, each record of the ])lurality of records corresponding to one of the plurality 
of devices and including configuration nformation identifying which of the volumes of the 
storage system the one of the plurality pf devices is authorized to access. 
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16. The computer readable medium according to claim 15, in combination with the storage 
system, wherein the computer readable medium is a memory of the storage system. 

17. The combination according to claim 16] in further combination with the plurality of 
devices and a network, wherein the storage system and the plurality of devices are coupled to 
communicate over the network. 

1 8. The combination of claim 17, wherein the storage system and the plurality of devices 
communicate according to a Fibre Channel network protocol. 



19. The combination according to claim 16, wherein the storage system further comprises: 
a second data structure comprising a plurality of records that form a copy of a subset of 
the plurality of records in the first data structure, wherein the subset of the plurality of records in 
the second data structure is associated with a subset of the plurality of devices that are logged 
into the storage system. 



20. The combination according to claim 1 9, wherein the second data structure further 
comprises: 

an array of records having a plurality of columns corresponding to the volumes of data at 
the storage system and a plurality of rows corresponding to a plurality of ports of the storage 
system, each record in the array including at least one bit corresponding to each of the plurality 
of devices. 

21. A storage system comprising: 

at least one storage device apportioned into a plurality of volumes; 

a configuration table to store configuration data identifying which of a plurality of 
devices coupled to the storage! system are authorized to access each of the plurality of volumes; 
and / 

a filter, responsive to pie configuration data, to selectively forward to the at least one 
storage device requests for access to the plurality of volumes received fi-om the plurality of 
devices. / 
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22. The storage system according to claim 21, wherein the filter forwards a request to a 
volume for servicing by the storage system responsive to the configuration data indicating that 
the one of the plurality of devices that issued the request is authorized to access the volume. 



5 23. The storage system according to claim 21, wherein the filter precludes a request to a 

volume from being serviced by the storage system responsive to the configuration data indicating 
that the one of the plurality of devices that issued the request is not authorized to access the 
volume. 



10 24. The storage system according to claim 21, wherein the configuration table comprises a 
2 number of records, each record including an identifier and a map, the map indicating which 

^ volumes of the storage system are capable of being accessed by a device associated vnth the 

identifier, wherein each request received at the filter includes a source identifier identifying the 
one of the plurality of devices that issued the request and an address to one of the plurality of 
2^ 15 volumes, and wherein the filter fiirther comprises: 



01 



a comparator to compare each request against the information in a selected record in the 
configuration table associated with the request to determine whether the one of the plurality of 
devices that issued the request is authorized to access the volume. 




20 25. The storage system according to claim 24, wherein an identifier in the selected record 
corresponds to the source identifier of the request. 



26. The storage system according to clkim 21, in combination with the plurality of devices 
and a network that couples the storage sys em to the plurality of devices. 

27. The combination of claim 26, wherein the storage system and the plurality of devices 
communicate over the network using a Fibre Channel network protocol. 



28. The storage system according to clmm 21, further comprising: 
30 means for authenticating each request received at the filter to verify that the one of the 

plurality of devices indicated in the request as issuing the request is the device that issued the 
request. 
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29. The storage system according to claim 21, further comprising: 

means for validating a request received at the storage system to verify that the request 
was not altered in transit. 

30. The storage system according to claim 21, wherein the at least one storage device 
includes a plurality of disk drives. 

3 1 . The combination according to claim 26, wherein at least one of the plurality of devices is 
a host processor. 

32. The combination according to claim 26, wherein one of the plurality of devices is a file 
server. 



